A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.2.4 2021-02-03T07:06:14+00:00 2021-02-03T07:06:14+00:00 tb 2021-02-03T07:06:14+00:00 urn:sha1:5eca2774fbb65f0eac0df1f87aaa91c139b0f724 Various interoperability issues and memory leaks were discovered in libcrypto and libssl. The new verifier is not bug compatible with the old verifier and caused many issues by failing to propagate errors correctly, returning different error codes than some software was trained to expect and otherwise failing when it shouldn't. While much of this is fixed in -current, it's still not perfect, so switching back to the legacy verifier is preferable at this point. Other included fixes: * Unbreak DTLS retransmissions for flights that include a CCS * Only check BIO_should_read() on read and BIO_should_write() on write * Implement autochain for the TLSv1.3 server * Use the legacy verifier for AUTO_CHAIN * Implement exporter for TLSv1.3 * Free alert_data and phh_data in tls13_record_layer_free() * Plug leak in x509_verify_chain_dup() * Free the policy tree in x509_vfy_check_policy() Original commits by jsing and tb ok inoguchi jsing 2020-09-26T14:43:17+00:00 jsing 2020-09-26T14:43:17+00:00 urn:sha1:b147e2d737372e25e4ae27eb3f3cf46c472e9055 Currently dtls1_drain_fragments() has a incomplete handrolled version of dtls1_hm_fragment_free(), which has the potential to leak memory. Replace the handrolled free with a call to dtls1_hm_fragment_free(). ok inoguchi@ tb@ 2020-09-26T09:01:05+00:00 jsing 2020-09-26T09:01:05+00:00 urn:sha1:16a00524267404e94d8c26a27dd54a75587920e7 Allocate into the appropriate structures and call dtls1_free() on failure, rather than allocating into local variables and then remembering to free various things on failure. ok tb@ 2020-09-26T08:58:00+00:00 jsing 2020-09-26T08:58:00+00:00 urn:sha1:f4c0739084aedd02b6fe70b1b3fd77fb833e59c1 Rather than using local variables and having to remember which things need to be freed upon a failure at a certain point, simply allocate into the hm_fragment struct and call dtls1_hm_fragment_free() on failure. Also use calloc() to ensure memory is appropriately zeroed/initialised. ok tb@ 2020-09-26T07:36:51+00:00 tb 2020-09-26T07:36:51+00:00 urn:sha1:4284d3c95b72551c4d0f88087d7ef3e863d48e86 An upcoming cleanup diff by jsing needs dtls1_clear_queues() to be able to handle NULL pqueues. While one can easily add a NULL check to pqueue_pop(), this does not really fit in with the rest of the code. There are two kinds of while loops in dtls1_clear_queues that drain pqueues, so add two helper functions with a NULL check each. ok jsing 2020-09-24T18:12:00+00:00 jsing 2020-09-24T18:12:00+00:00 urn:sha1:10841ee643f560678ff5ed0276c4da735ec37bdf ok beck@ inoguchi@ tb@ 2020-09-24T17:59:54+00:00 jsing 2020-09-24T17:59:54+00:00 urn:sha1:1328e78055c6ad087ebbec8484862dea13576ef5 Provide a ssl3_release_buffer() function that correctly frees a buffer and call it from the appropriate locations. While here also change ssl3_release_{read,write}_buffer() to void since they cannot fail and no callers check the return value currently. ok beck@ inoguchi@ tb@ 2020-09-22T16:31:37+00:00 schwarze 2020-09-22T16:31:37+00:00 urn:sha1:3c2327f4edba471c6f740a93c21833ec7d949058 because tb@ decided to not enable it before the release. OK tb@ 2020-09-22T13:27:08+00:00 schwarze 2020-09-22T13:27:08+00:00 urn:sha1:73027e1287f7c452f7daf47c5abbfaf91a1e4967 issue noticed by and patch OK by jsing@ 2020-09-21T15:18:13+00:00 schwarze 2020-09-21T15:18:13+00:00 urn:sha1:6e09d7f1e9f3ef530e31923e85921a0535f5a4e0 because that is both shorter and more precise; wording suggested by jsing@